bpmcdevitt/misc_rbtools
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

added more to nvd downloader and made a cve reporter that will query it

Browse source
This commit is contained in:
booboy 2019-05-12 23:56:12 -05:00
parent 07ba0f4fc9
commit 1006b33c64
3 changed files with 49 additions and 14 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
classes/cve_info.rb
View file

@ -1,4 +1,16 @@
class CveInfo class CveReport
def initialize
def cves
# return a list of cve data from the given filename in an array.
self.from_file(filename)
end
def from_file(filename)
# lookup info from the given json.gz filename of cve information.
end
def find(cve_id)
# this should look in the returned array of cve information from self.cves
# and return the given information for the cve_id
end end
end end

17
classes/nvd_client.rb Normal file
View file

@ -0,0 +1,17 @@
require '../modules/nvd_tools'
require 'rest-client'
module NvdTools
class NvdClient
attr_accessor :version, :base_url, :rest_client
def initialize(rest_client: RestClient)
@version = "1.0"
@base_url = "https://nvd.nist.gov/feeds/json/cve/#{version}/"
@rest_client = rest_client
end
def get(url)
rest_client.get "#{base_url}#{url}"
end
end
end

30
classes/nvd_downloader.rb
View file

@ -5,19 +5,19 @@ require '../modules/nvd_tools'
module NvdTools module NvdTools
class NvdDownloader class NvdDownloader
attr_accessor :version, :base_url, :base_filename, :years, :filenames_json attr_accessor :version, :base_url, :base_filename, :years, :filenames_json, :client
MIN_YEAR = '2002' MIN_YEAR = '2002'
MAX_YEAR = '2019' MAX_YEAR = '2019'
AVAILABLE_YEARS = (MIN_YEAR..MAX_YEAR).to_a AVAILABLE_YEARS = (MIN_YEAR..MAX_YEAR).to_a
JSON = 'json.gz' GZIPPED_JSON_EXTENSION = 'json.gz'
def initialize def initialize(client: NvdClient.new)
@version = "1.0"
@base_url = "https://nvd.nist.gov/feeds/json/cve/#{version}/" @base_filename = "nvdcve-#{client.version}-"
@base_filename = "nvdcve-#{version}-"
@years = self.years @years = self.years
@filenames_json = self.filenames(JSON) @filenames_json = self.filenames(GZIPPED_JSON_EXTENSION)
@client = client
end end
def years def years
@ -39,11 +39,6 @@ module NvdTools
year_filenames + other_filenames year_filenames + other_filenames
end end
def get(url)
r = RestClient.get "#{base_url}#{url}"
r.body if r.code == 200
end
def read_gzip_stream(gzip_stream) def read_gzip_stream(gzip_stream)
io_stream = StringIO.new(gzip_stream) io_stream = StringIO.new(gzip_stream)
gz = Zlib::GzipReader.new(io_stream) gz = Zlib::GzipReader.new(io_stream)
@ -59,6 +54,17 @@ module NvdTools
end end
def one_time_import def one_time_import
# experimenting with how i want to do this.
# right now its a loop through the filenames
# and parse all into a json string and store in an array
self.filenames_json.map do |filename|
r = client.get(filename)
sleep(1)
gzip_stream = r.body
json_string = read_gzip_stream(gzip_stream)
parse_json(json_string)
end
# this should be a method that does a one-time import # this should be a method that does a one-time import
# of all of the json.gz from each year + recent + modified json feeds # of all of the json.gz from each year + recent + modified json feeds
end end